<?php

require ("../class/login.php");

if ($_GET['action'] == "login") {

	$username = htmlentities(mysql_real_escape_string($_POST['username']));
	$password = md5(htmlentities(mysql_real_escape_string($_POST['password'])));
	
	if (($username == "") || ($password =="")) {
		?>
			<script language="javascript">
			document.location="index.php?error=1";
			</script>
		<?php
		
	} else {
		
	
		$login = getLogin($username, $password);
		
		if ($login) {
			session_start();
			foreach ($login as $x) {
				if ($x['hak_akses'] == "Admin") {
					session_register("admin-login");
					$_SESSION['admin-login'] = true;
					$_SESSION['username'] = $x['username'];
					$_SESSION['nama'] = $x['nama'];
					$_SESSION['hak_akses'] = $x['hak_akses'];
					
					?>
						<script language="javascript">
						document.location="admin.php";
						</script>
					<?php
					
				} elseif ($x['hak_akses'] == "Operator") {
					session_register("operator-login");
					$_SESSION['operator-login'] = true;
					$_SESSION['username'] = $x['username'];
					$_SESSION['idsektoral'] = $x['idsektoral'];
					
					?>
						<script language="javascript">
						document.location="operator.php";
						</script>
					<?php
				}
			}
			
		} else {
			?>
				<script language="javascript">
				document.location="index.php?error=1";
				</script>
			<?php
		}
	}
}

?>

<!doctype html>

<head>

	<!-- Basics -->
	
	<meta charset="utf-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
	
	<title>Diskimrum GIS</title>

	<!-- CSS -->
	
	<link rel="stylesheet" href="../assets/css/reset.css">
	<link rel="stylesheet" href="../assets/css/animate.css">
	<link rel="stylesheet" href="../assets/css/styles.css">
	<link rel="stylesheet" href="../assets/css/bootstrap.css">
	
</head>

	<!-- Main HTML -->
	
<body>
	
	<!-- Begin Page Content -->
	
	<div id="container">
		<?php
			if ((isset($_GET['error'])) && ($_GET['error'] == '1')) {
				$o .= '<div class="alert alert-error">
					   <center>Username atau Password salah!</center>
					   </div>';
			} else {
				$o .= '';
			}
			
			echo $o;
		?>
		<form action="?action=login" method="POST">
		
		<label for="name">Username:</label>
		
		<input type="name" name="username">
		
		<label for="username">Password:</label>
		
		<input type="password" name="password">
		
		<div id="lower">
		
		<input type="submit" value="Login">
		
		</div>
		
		</form>
		
	</div>
	<!-- End Page Content -->
</body>

</html>



